Vulnerability Description
The mod_headers module in the Apache HTTP Server 2.2.22 allows remote attackers to bypass "RequestHeader unset" directives by placing a header in the trailer portion of data sent with chunked transfer coding. NOTE: the vendor states "this is not a security issue in httpd as such."
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Apache | Http Server | 2.2.0 |
| Redhat | Enterprise Linux Desktop | 6.0 |
| Redhat | Enterprise Linux Eus | 7.3 |
| Redhat | Enterprise Linux Server | 6.0 |
| Redhat | Enterprise Linux Server Aus | 7.3 |
| Redhat | Enterprise Linux Server Tus | 7.3 |
| Redhat | Enterprise Linux Workstation | 6.0 |
| Redhat | Jboss Enterprise Web Server | 3.0.0 |
| Redhat | Enterprise Linux | 6.0 |
| Oracle | Enterprise Manager Ops Center | < 12.1.4 |
| Oracle | Http Server | 10.1.3.5.0 |
| Oracle | Linux | 6 |
| Oracle | Solaris | 11.2 |
| Apple | Mac Os X | < 10.10.4 |
| Apple | Mac Os X Server | < 5.0.3 |
| Canonical | Ubuntu Linux | 10.04 |
References
- http://lists.apple.com/archives/security-announce/2015/Apr/msg00001.htmlMailing ListThird Party Advisory
- http://lists.apple.com/archives/security-announce/2015/Sep/msg00004.htmlMailing ListThird Party Advisory
- http://marc.info/?l=apache-httpd-dev&m=139636309822854&w=2Mailing ListThird Party Advisory
- http://marc.info/?l=bugtraq&m=143403519711434&w=2Issue TrackingMailing ListThird Party Advisory
- http://marc.info/?l=bugtraq&m=144493176821532&w=2Issue TrackingMailing ListThird Party Advisory
- http://martin.swende.se/blog/HTTPChunked.htmlBroken LinkExploitThird Party Advisory
- http://rhn.redhat.com/errata/RHSA-2015-0325.htmlThird Party Advisory
- http://rhn.redhat.com/errata/RHSA-2015-1249.htmlThird Party Advisory
- http://rhn.redhat.com/errata/RHSA-2015-2661.htmlBroken LinkThird Party Advisory
- http://rhn.redhat.com/errata/RHSA-2016-0061.htmlThird Party Advisory
- http://rhn.redhat.com/errata/RHSA-2016-0062.htmlThird Party Advisory
- http://svn.apache.org/repos/asf/httpd/httpd/branches/2.2.x/CHANGESRelease NotesVendor Advisory
- http://svn.apache.org/viewvc/httpd/httpd/trunk/modules/proxy/mod_proxy_http.cPatchVendor Advisory
- http://svn.apache.org/viewvc/httpd/httpd/trunk/modules/proxy/mod_proxy_http.c?r1PatchVendor Advisory
- http://www.mandriva.com/security/advisories?name=MDVSA-2014:174Third Party Advisory
FAQ
What is CVE-2013-5704?
CVE-2013-5704 is a vulnerability with a CVSS score of 5.0 (MEDIUM). The mod_headers module in the Apache HTTP Server 2.2.22 allows remote attackers to bypass "RequestHeader unset" directives by placing a header in the trailer portion of data sent with chunked transfer...
How severe is CVE-2013-5704?
CVE-2013-5704 has been rated MEDIUM with a CVSS base score of 5.0/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2013-5704?
Check the references section above for vendor advisories and patch information. Affected products include: Apache Http Server, Redhat Enterprise Linux Desktop, Redhat Enterprise Linux Eus, Redhat Enterprise Linux Server, Redhat Enterprise Linux Server Aus.